Message280620
When a Python HTTPS server requests client certificates, it should send a CA list so the client knows which certificates are acceptable.
It looks like right now Python calls SSL_CTX_load_verify_locations, so once the client certificate is sent, Python can verify whether the client against the specify CAs. However, it looks like Python should also call SSL_CTX_set_client_CA_list so the client knows which certificates to send. |
|
Date |
User |
Action |
Args |
2016-11-11 23:30:24 | kchen | set | recipients:
+ kchen, christian.heimes |
2016-11-11 23:30:24 | kchen | set | messageid: <1478907024.8.0.970370695387.issue28671@psf.upfronthosting.co.za> |
2016-11-11 23:30:24 | kchen | link | issue28671 messages |
2016-11-11 23:30:24 | kchen | create | |
|